protected void additionalAuthenticationChecks()

in taverna-server-webapp/src/main/java/org/apache/taverna/server/master/identity/WorkflowInternalAuthProvider.java [146:179]

• 29 lines of code
• 7 McCabe index (conditional complexity)

	protected void additionalAuthenticationChecks(UserDetails userRecord,
			@Nonnull Object principal, @Nonnull Object credentials)
			throws Exception {
		@Nonnull
		HttpServletRequest req = ((ServletRequestAttributes) currentRequestAttributes())
				.getRequest();

		// Are we coming from a "local" address?
		if (!req.getLocalAddr().equals(req.getRemoteAddr())
				&& !authorizedAddresses.contains(req.getRemoteAddr())) {
			if (logDecisions)
				log.info("attempt to use workflow magic token from untrusted address:"
						+ " token="
						+ userRecord.getUsername()
						+ ", address="
						+ req.getRemoteAddr());
			throw new BadCredentialsException("bad login token");
		}

		// Does the password match?
		if (!credentials.equals(userRecord.getPassword())) {
			if (logDecisions)
				log.info("workflow magic token is untrusted due to password mismatch:"
						+ " wanted="
						+ userRecord.getPassword()
						+ ", got="
						+ credentials);
			throw new BadCredentialsException("bad login token");
		}

		if (logDecisions)
			log.info("granted role " + SELF + " to user "
					+ userRecord.getUsername());
	}